When the U.K. officially voted to part from the European Union, the British pound took an unprecedented beating and the world market was flipped on its ear. With such an upheaval already witnessed in this incipient wake of the Brexit, most stay tuned to see how the economy and political landscape will settle. As a privacy enthusiast, however, I’m hung up wondering what kind of stance the Brits are going take on data protection and privacy as a newly independent nation. As I see it, the U.K. really only has two plays to run with:
Same Doctrine, Different Name (maybe with some English panache)
A logical route the Brits could take in instituting a new privacy model post-Brexit could simply be mirroring the framework of the General Data Protection Regulation (GDPR) and negotiating similar international terms based on the unofficial specs of the Privacy Shield. After chaffing the European Union as they have, this would promote continental solidarity and give English data subjects a similar level of assurance as expected with the old regime. Furthermore, legislation with a familiar tone as suggested here may be easier to move through parliament.
Grease the Road to Recovery
Alternatively, instead of just draping the Union Jack over the covenants of the GDPR, a less demanding approach to privacy may serve the U.K. better on the global front. At this desperate point in time, when support from the international community is imperative to strengthen support and boost commerce, putting forward a less prickly privacy doctrine may be the best move. Promulgating national standards that may be a better medium for the United States and other players in the world market may strengthen relationships aboard and prove to drag less (compared to the painfully sluggish Privacy Shield).
Just like any divorce, it’ll take time for the U.K. to find its footing and individualize itself; to figure out who it is by itself. For now, we’ll just have to keep calm and carry on.
About the Author
A manager with Schellman, Zach Schmitt has a concentration in IT security and privacy in the Washington D.C. attestation and compliance practice. He is a member of the International Association of Privacy Professionals (IAPP) and endeavors to share his observations and feelings on the certain evolution of data security and privacy. Zach is a graduate of Virginia Tech and has BAs in Accounting & Information Systems and Marketing Management.More Content by Zach Schmitt